Introduction
Indulge your passion for problem-solving and embrace the thrill of addressing risk head-on at Gallagher's global brokerage team. Join a family of diverse minds, united by a relentless pursuit of excellence. As part of our team, you'll be the architect of protection, safeguarding businesses and empowering their ambitions. Together, we'll build a legacy of trust and triumph in the dynamic world of risk management.
We believe that every candidate brings something special to the table, including you! So, even if you feel that you’re close but not an exact match, we encourage you to apply.
Overview
The Business Information Security Officer (BISO) functions as the cyber and information security leader for Gallagher UK & EMEA. The BISO reports up to the Global Chief Information Security Officer (CISO) with a strong dotted line reporting relationship to the UK & EMEA Chief Information Officer (CIO) to help support the achievement of both enterprise-level and divisional information security strategies, objectives, and obligations.
The BISO works in close collaboration with Corporate and divisional leaders across all business, legal, central services and technology teams to identify, assess, prioritise and manage information security risk within the division.
Key areas of responsibility include information security risk management, system security, data protection, compliance, training, audits, managing mergers and acquisition risk, and executive-level reporting and communications.
This role involves performing a significant management certification function and, as a minimum, your fitness and propriety to perform the role will be assessed annually. Gallagher will issue your certificate prior to performing the role and at least annually thereafter.
How you'll make an impact
- Establish excellent working relationships and maintain ongoing communication / transparency with divisional leaders and members of the Global Cyber and Information Security team, and other key stakeholders.
- Provide guidance to the UK & EMEA CIO and the Global CISO on existing divisional security gaps, associated risks, and prioritisation of remediation activities.
- Coordinate with the Global Cyber and Information Security team and divisional IT Compliance Leads to ensure a consistent approach is followed during execution of information security processes and procedures.
- Raise awareness among technology and business application owners of relevant application security processes, and provide oversight and assurance that the division’s application inventory is accurately captured.
- Work with the Incident Response Team to assist in coordinating the overall response and recovery activities for security incidents.
- Define, prepare, and distribute divisional cybersecurity metrics to the Global CISO, Divisional CIO, and executive teams around key divisional IT security and performance indicators.
- Ensure alignment with and promote the Global IT Policies and Standards Manual (GITPSM), including key controls, between the division, enterprise cyber security team, and technology leads.
- Ensure all applicable regulatory, legal, compliance and contractual obligations are properly interpreted and continuously met by the security program. Stay abreast of external requirements, trends, and best practices.
- Increase security maturity and reduce risk across designated divisions by identifying and driving implementation of leading cyber security standards, practices and controls (ISO/IEC 27001, SOC 1, SOC 2, HITRUST, etc.).
- Counsel divisional IT management on security requirements for acquisitions and mergers and the vetting and procurement of new applications and technology platforms.
- Coordinate with the Global Cyber and Information Security team, divisional IT Compliance Leads, and other divisional BISOs in the creation of a Cyber Security Governance Framework.
- Take responsibility for Compliance Operations, including audit preparation and liaison with internal and external auditors
About You
- Previous experience in an Information Security Leadership role gained preferably in the Insurance or Financial Services industry.
- Previously held a Certified role or demonstrates a good understanding of the requirements.
- Excellent understanding of information security risk management methodologies and regulatory requirements pertaining to information security, and/or data security.
- Experience with security and control standards, frameworks, and best practices (e.g. ISO 27001, NIST, COBIT, COSO)
- Ability to interpret and apply policies and regulations across a large, complex business.
- Demonstrated leadership of multiple projects or a portfolio of projects with cross-functional stakeholder groups
- Significant people development and management experience is essential
- Ability to build rapport, establish credibility and to engage and influence stakeholders at all levels, internally and externally.
- Results-oriented mind-set with a drive for growth
- Experience of working in a global, matrix-managed organisation, with the utmost integrity and confidentiality
- Eligible to work in the UK.
- Ability to travel as required
Compensation and benefits
On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits.
Below are the minimum core benefits you’ll get; depending on your job level, these benefits may improve:
- Minimum of 25 days holiday, plus bank holidays, and the option to ‘buy’ extra days
- Defined contribution pension scheme, which Gallagher will also contribute to
- Life insurance, which will pay 4x your basic annual salary, which you can top-up to 10x
- Income protection: we’ll cover up to 50% of your annual income, with options to top up
- Health cash plan or Private medical insurance
Other benefits include:
- Three fully paid volunteering days per year
- Employee Stock Purchase plan, offering company shares at a discount
- Share incentive plan, HMRC approved, tax effective, stock purchase plan
- Critical illness cover
- Discounted gym membership, with over 3,000 gyms nationally
- Season ticket loan
- Access to a discounted voucher portal to save money on your weekly shop or next big purchase
- Emergency back-up family care
- And many more…
We value inclusion and diversity
Inclusion and diversity (I&D) is a core part of our business, and it’s embedded into the fabric of our organisation. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work.
Gallagher embraces our employees’ diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest.
Gallagher is Disability Confident Committed. We have pledged to make sure our recruitment process is inclusive and accessible, in addition to supporting our existing employees with any long-term health conditions or disabilities.
We understand that applicants may have disabilities. If you do, you may find some parts of the recruitment process more challenging than others. Don’t worry, we’re here to help; however, we can only do this if you let us know.
Should you require reasonable adjustments to your application, please get in touch with TAGlobalSupport@ajg.com. If you’d prefer to speak on the phone, please request a call back, leaving details, so we can get in touch.
Our employing entity, Arthur J. Gallagher Services (UK) Limited, is proud to be accredited as a Living Wage employer with the Living Wage Foundation. We are committed to diversity and opportunity for all and are opposed to any form of less favourable treatment on the grounds of gender or gender identity, marital status, civil partnership status, parental status, race, ethnicity, colour, nationality, disability, sexual orientation, religion/ belief, age and those with caring responsibilities.
Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as “protected characteristics”) by applicable federal, state, or local laws.
Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.